KINIT(1) KINIT(1)
NAME
kinit - Kerberos login utility
SYNOPSISkinit [ -irvl ]
DESCRIPTION
The kinit command is used to login to the Kerberos authen-
tication and authorization system. Note that only regis-
tered Kerberos users can use the Kerberos system. For
information about registering as a Kerberos user, see the
kerberos(1) manual page.
If you are logged in to a workstation that is running the
toehold service, you do not have to use kinit. The toe-hold login procedure will log you into Kerberos automati-
cally. You will need to use kinit only in those situa-
tions in which your original tickets have expired. (Tick-
ets expire in about a day.) Note as well that toehold
will automatically destroy your tickets when you logout
from the workstation.
When you use kinit without options, the utility prompts
for your username and Kerberos password, and tries to
authenticate your login with the local Kerberos server.
If Kerberos authenticates the login attempt, kinit
retrieves your initial ticket and puts it in the ticket
file specified by your KRBTKFILE environment variable. If
this variable is undefined, your ticket will be stored in
the /tmp directory, in the file tktuid , where uid speci-
fies your user identification number.
If you have logged in to Kerberos without the benefit of
the workstation toehold system, make sure you use the kde-stroy command to destroy any active tickets before you end
your login session. You may want to put the kdestroy com-
mand in your .logout file so that your tickets will be
destroyed automatically when you logout.
The options to kinit are as follows:
-ikinit prompts you for a Kerberos instance.
-rkinit prompts you for a Kerberos realm. This
option lets you authenticate yourself with a remote
Kerberos server.
-v Verbose mode. kinit prints the name of the ticket
file used, and a status message indicating the suc-
cess or failure of your login attempt.
-lkinit prompts you for a ticket lifetime in minutes.
Due to protocol restrictions in Kerberos Version 4,
MIT Project Athena Kerberos Version 4.0 1
KINIT(1) KINIT(1)
this value must be between 5 and 1275 minutes.
SEE ALSOkerberos(1), kdestroy(1), klist(1)BUGS
The -r option has not been fully implemented.
AUTHORS
Steve Miller, MIT Project Athena/Digital Equipment Corpo-
ration
Clifford Neuman, MIT Project Athena
MIT Project Athena Kerberos Version 4.0 2